WeLeakInfo.to and associated domain names seized | USAO-DC

WASHINGTON – The FBI and the United States Department of Justice announced today that they have seized the internet domain name weleakinfo.to and two related domain names, ipstress.in and ovh-booter.com, following an international investigation into sites that allow users to buy access to stolen personal information or to carry out attacks on the networks of victims.

The announcement was made by U.S. Attorney Matthew M. Graves of the District of Columbia and Special Agent in Charge Wayne A. Jacobs of the FBI’s Washington Field Office Criminal and Cyber Division.

“Today, the FBI and the Department stopped two common and distressing threats: websites that traffic in stolen personal information and sites that attack and disrupt legitimate Internet businesses,” said U.S. Attorney Graves. “Cybercrime often crosses national borders. Using strong working relationships with our international law enforcement partners, we will fight crimes like these that threaten privacy, security and commerce around the world.”

“These seizures are excellent examples of the ongoing actions the FBI and our international partners are taking to disrupt malicious cyber activity,” said Special Agent in Charge Jacobs. “Interrupting malicious DDoS operations and taking down websites that facilitate the theft and sale of stolen personal information is a priority for the FBI.”

The WeLeakInfo.to website claimed to provide its users with a search engine to examine and obtain personal information obtained illegally in over 10,000 data breaches containing seven billion indexed records – including, for example, names, email addresses, usernames, phone numbers and passwords for online accounts. The website sold subscriptions so that any user could access the results of these data breaches, with subscriptions offering unlimited searches and access during the subscription period (one day, one week, one month, three months or life). In January 2020, the FBI and the US Department of Justice also announced that they had seized the internet domain name weleakinfo.com, shutting down a similar service then provided on that site.

The domains ipstress.in and ovh-booter.com were also seized. These sites publicly offered to carry out “distributed denial of service” attacks, or “DDoS” attacks, for customers – specifically, a form called boot or stress attacks. DDoS attacks are a type of network attack in which multiple Internet-connected devices are used to attack computers hosting a website – usually by flooding the site with Internet traffic – with the aim of rendering it inaccessible to legitimate users or unable to communicate with the Internet.

With the execution of the warrant, the seized domain names – weleakinfo.to and related domains – are now in federal custody, effectively suspending operation of the website. Site visitors will now find a seizure banner warning them that the domain name has been seized by federal authorities. The U.S. District Court for the District of Columbia issued the warrant of seizure.

The seizures of these domains were part of a police action coordinated with the National Police Corps of the Netherlands and the Federal Police of Belgium. Actions taken by our international partners included the arrest of a main subject, searches at multiple locations, and seizures of web server infrastructure.

Anyone with information about weleakinfo.to or its owners and operators is encouraged to provide that information by filing a complaint (referring to #weleakinfo in the “Description of Incident” field) with the FBI’s Internet Crime Complaint Center (IC3) at https://www.ic3.gov/complaint/default.aspx.

These seizures are part of a comprehensive law enforcement action taken by the FBI, the U.S. Attorney’s Office for the District of Columbia and the Computer Crimes and Intellectual Property Section of the Department of Justice, as well as international law enforcement, including the Dutch National Police and the Belgian Federal Police.